Closed
Bug 1126142
Opened 9 years ago
Closed 6 months ago
SSL_GetChannelInfo should return whether peer has the BEAST fix applied or not
Categories
(NSS :: Libraries, enhancement, P5)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: ashwani.kadian, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0 Build ID: 20150105205548 Steps to reproduce: A simple handshake with different clients, with and without BEAST fix. Actual results: Server is not able to recognize if client has BEAST fix in place or not. Expected results: Server should be able to query the clients if they have BEAST fix or not. Server should check internally in the socket state if the peer is breaking packets or not and then return that within SSL_GetChannelInfo().
|
||
Updated•9 years ago
|
Severity: normal → enhancement
Status: UNCONFIRMED → NEW
Ever confirmed: true
|
|
||
Comment 1•9 years ago
|
||
Actually this applies to both sides. The client could also find out if the server has the fix.
|
|
||
Comment 2•9 years ago
|
||
This obviously only applies to connections using CBC cipher suites.
Summary: Server should know if client has BEAST fix or not → SSL_GetChannelInfo should return whether peer has the BEAST fix applied or not
|
||
Updated•2 years ago
|
Severity: normal → S3
|
||
Updated•6 months ago
|
Severity: S3 → N/A
Status: NEW → RESOLVED
Closed: 6 months ago
Priority: -- → P5
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•